Information Technology - Computer Passwords

Computer Passwords

Choosing A Good Password
Choosing a good password is very important, because unauthorized users are often able to steal accounts or gain access to a system by guessing passwords. People who try to gain unauthorized access to a computer or a specific account are called "crackers". If your account is compromised, because of either a bad password or other means, the cracker can not only remove or modify any of your files, but he/she can also attack other users on the system, or other systems on the network.
Good passwords are difficult to create; care and thought should go into each one. Here are some guidelines for choosing passwords.
Some examples of bad passwords are:
- your login in any form (as-is, reversed, capitalized, doubled, etc)
- any first or last name, regardless of ordering or capitalization
- license plate numbers
- phone numbers
- social security numbers (in whole or part)
- street, city, state or country names
- any word found in a dictionary, English or other
- cartoon characters
Good passwords are usually pieces of several words, with odd capitalizations. A good password may include punctuation or other non-alphabetic characters. Using digits in unexpected locations can make a password better.
To change your password, login to jade and choose the X option from the main menu to exit to the UNIX shell. Type passwd. When you are prompted for your old password (to verify that you are authorized to change it), enter your current password and then type . Note that the characters you type do not appear on the screen. This is true any time you enter password information. After you hit the return key, you will be prompted for a new password. You must enter the new password twice, to verify the typing of the first entry. To get back to the main menu, type exit at the prompt. Type man passwd for more information about how to change your password.
Note: it may take up to fifteen minutes for a password change to take effect, so you may want to wait a while after changing your password before you try the new one.

Keeping Your Password Secure
You should change your password as soon as you get an account, and then you should change it at least once a year, just to be sure it isn't being used by anyone else. Don't write your password down. It's too easy for someone to discover it. You should choose a password that you can remember.
Don't tell anyone what your password is, under any circumstances. There are crackers who have been known to send mail that appears to be from the system administrator, asking you to change your password to something they give you. Don't ever do this! There is no legitimate reason for anyone to ask for your password. If you ever get mail like this, go to the Information Technology Main Office (LeMans 75C) and report the incident.

Back to Helpful Computing Guides
Last Updated 12/10/97